CVE-2016-1000107 in Erlangالمعلومات

الملخص

بحسب MITRE

inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

18/07/2016

الاعتدال

تمت الموافقة

إدخال

VDB-146846

EPSS

0.01428

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!